Learn how easy it is to sync an existing GitHub or Google Code repo to a SourceForge project! See Demo

Close

#12 Option not to check certificate

closed
nobody
None
5
2006-09-18
2006-01-27
Anonymous
No

It would have been nice to have an option not to check
or mount anyways in case of a "homemade" certficitate
for ssl-connections so one wouldn't have to buy a
"proper" certificate for small servers for private use.

Discussion

  • Werner Baumann
    Werner Baumann
    2006-02-11

    Logged In: YES
    user_id=1260327

    You can use "homemade" cerificates if you add them to the
    repository of trusted CA-certificates of your system. For
    Debian with OpenSSL this is '/etc/ssl/certs/'. Please
    consult the documentation of OpenSSL.

    Maybe we will add to davfs2 the ability to remember
    certificates that where accepted once (like most browser do).

    But I think it is not a good idea to add an option to accept
    certificates without checking. This would be SSL without
    SSL. It would promise security where there is no securitiy.
    And that is worse than plain http. Many people don't
    recognize that server authentication is the first and most
    important service of TLS/SSL. Recent phishing attacks show
    that we should not do anything suggesting there could be
    security without proper server authentication.

    Greetings
    Werner

     
  • Werner Baumann
    Werner Baumann
    2006-09-18

    • status: open --> closed